Kaspersky LabKLA61753KLA61753 Multiple vulnerabilities in Wireshark
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
7.3 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.001 Low
EPSS
Percentile
38.7%
Detect date:
01/18/2023
Severity:
High
Description:
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.
Affected products:
Wireshark 3.6.x earlier than 3.6.11
Wireshark 4.0.x earlier than 4.0.3
Solution:
Update to the latest version
Download Wireshark
Original advisories:
Wireshark • wnpa-sec-2023-03 Dissection engine crash
Wireshark • wnpa-sec-2023-04 GNW dissector crash
Wireshark • wnpa-sec-2023-01 EAP dissector crash
Wireshark • wnpa-sec-2023-06 Multiple dissector excessive loops
Wireshark • wnpa-sec-2023-05 iSCSI dissector crash
Wireshark • wnpa-sec-2023-02 NFS dissector memory leak
Wireshark • wnpa-sec-2023-07 TIPC dissector crash
Impacts:
OSI
Related products:
CVE-IDS:
CVE-2023-04116.5High
CVE-2023-04127.1High
CVE-2023-04136.5High
CVE-2023-04146.5High
CVE-2023-04156.5High
CVE-2023-04166.5High
CVE-2023-04176.5High
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0411
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0412
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0413
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0414
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0417
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Wireshark/
www.wireshark.org/download.html
www.wireshark.org/security/wnpa-sec-2023-01.html
www.wireshark.org/security/wnpa-sec-2023-02.html
www.wireshark.org/security/wnpa-sec-2023-03.html
www.wireshark.org/security/wnpa-sec-2023-04.html
www.wireshark.org/security/wnpa-sec-2023-05.html
www.wireshark.org/security/wnpa-sec-2023-06.html
www.wireshark.org/security/wnpa-sec-2023-07.html
Related
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
7.3 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.001 Low
EPSS
Percentile
38.7%